Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/iiRjIu2jJBQsqPBF6jMJsSfN--s.roa
File: iiRjIu2jJBQsqPBF6jMJsSfN--s.roa (raw, json)
Hash identifier: CW6LBm2d3DKM8MBdvYtljd+CgENCJvFFRVvakWuJJ+M=
Subject key identifier: 8A:24:63:22:ED:A3:24:14:2C:A8:F0:45:EA:33:09:B1:27:CD:FB:EB
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 019DF2144AC76D14623A627B44A1E7720D3B
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/iiRjIu2jJBQsqPBF6jMJsSfN--s.roa
Signing time: Mon 04 May 2026 08:21:49 +0000
ROA not before: Mon 04 May 2026 08:21:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5511
IP address blocks: 80.12.76.0/24 maxlen: 24
80.12.79.0/24 maxlen: 24
80.12.96.0/22 maxlen: 24
80.12.96.0/23 maxlen: 24
80.12.98.0/24 maxlen: 24
80.12.160.0/19 maxlen: 19
81.52.128.0/21 maxlen: 24
81.52.136.0/22 maxlen: 24
81.52.140.0/23 maxlen: 24
81.52.160.0/24 maxlen: 24
81.52.166.0/23 maxlen: 24
81.52.168.0/23 maxlen: 24
81.52.176.0/20 maxlen: 24
81.52.190.0/24 maxlen: 24
81.52.201.0/24 maxlen: 24
81.52.202.0/24 maxlen: 24
81.52.236.0/22 maxlen: 24
81.253.120.0/21 maxlen: 21
90.84.48.0/20 maxlen: 24
90.84.128.0/20 maxlen: 24
90.84.148.0/24 maxlen: 24
90.84.151.0/24 maxlen: 24
90.84.159.0/24 maxlen: 24
90.84.255.0/24 maxlen: 24
193.251.128.0/19 maxlen: 24
193.251.148.0/23 maxlen: 23
193.251.160.0/20 maxlen: 24
193.251.169.0/24 maxlen: 24
193.251.220.0/22 maxlen: 24
193.251.240.0/20 maxlen: 24
193.252.113.0/24 maxlen: 24
193.252.226.0/24 maxlen: 24
193.253.158.0/23 maxlen: 23
2001:688::/32 maxlen: 48
2001:688:2::/48 maxlen: 48
2001:688:3::/48 maxlen: 48
2001:688:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 11:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f2:14:4a:c7:6d:14:62:3a:62:7b:44:a1:e7:72:0d:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: May 4 08:21:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8a246322eda324142ca8f045ea3309b127cdfbeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:99:92:d9:c0:bb:21:75:b5:a7:83:f7:cd:00:
00:44:84:d0:35:eb:cf:56:95:52:9f:40:92:cb:d7:
19:59:2c:60:31:a7:c5:2c:64:c1:cd:5d:cc:10:7d:
2b:98:9c:ff:a6:f3:97:e3:c0:83:ae:e8:bd:89:1f:
1f:0c:d1:d4:9b:74:d3:24:9f:7f:72:15:e6:cb:e1:
75:5a:db:d6:f9:a5:d1:73:cb:46:61:8c:03:84:92:
8a:a7:c1:13:21:2c:27:ca:a3:cf:ba:e6:a7:1b:e9:
8b:2e:4e:a1:6a:18:a4:28:28:e7:04:d5:db:53:c3:
40:7d:ec:a1:74:f7:f2:b4:d1:cd:28:31:30:77:fc:
65:f7:1d:7e:37:96:75:6a:db:7b:ad:fc:9d:a3:20:
c4:05:57:d5:13:2d:44:14:e5:8a:95:48:b2:76:ff:
9b:4a:43:36:6d:90:88:15:51:18:49:9e:ff:92:d7:
b9:3d:da:93:bc:59:1b:e4:12:bd:ce:ee:0f:c8:eb:
d6:1c:53:12:5a:16:61:f4:42:44:a1:35:dc:91:64:
9a:10:08:b1:8b:da:6d:4f:70:c7:9e:c8:b1:70:fb:
e5:01:3c:e1:46:e9:7b:e4:e5:07:0b:10:29:d5:d2:
8c:7d:9c:1c:d6:11:62:89:08:37:11:61:49:8b:ee:
29:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:24:63:22:ED:A3:24:14:2C:A8:F0:45:EA:33:09:B1:27:CD:FB:EB
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/iiRjIu2jJBQsqPBF6jMJsSfN--s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.12.76.0/24
80.12.79.0/24
80.12.96.0/22
80.12.160.0/19
81.52.128.0-81.52.141.255
81.52.160.0/24
81.52.166.0-81.52.169.255
81.52.176.0/20
81.52.201.0-81.52.202.255
81.52.236.0/22
81.253.120.0/21
90.84.48.0/20
90.84.128.0/20
90.84.148.0/24
90.84.151.0/24
90.84.159.0/24
90.84.255.0/24
193.251.128.0-193.251.175.255
193.251.220.0/22
193.251.240.0/20
193.252.113.0/24
193.252.226.0/24
193.253.158.0/23
IPv6:
2001:688::/32
Signature Algorithm: sha256WithRSAEncryption
78:ba:56:35:9f:17:58:aa:7f:2e:1b:f6:a5:dd:e8:2c:1c:8c:
22:c1:32:8b:ef:eb:f6:18:09:3d:55:97:8d:73:93:99:8c:9b:
f7:69:06:55:fc:0f:55:28:bc:83:d4:f3:e6:d3:91:5c:c9:d7:
77:c2:3c:d5:b4:52:e5:e5:3e:d3:fa:51:60:5f:b9:61:27:1c:
8d:40:1e:94:d5:a3:7d:dd:3d:f8:28:82:fd:9b:1b:8b:fb:78:
6d:f3:7c:0b:c7:e8:1c:5a:f1:82:80:42:db:52:2b:9a:b2:cc:
84:c7:3b:2d:8d:91:cc:f4:6e:7a:7d:63:75:8c:ed:d2:18:d3:
f6:70:85:7f:b5:f7:68:da:a9:41:fe:ac:61:ba:9f:91:8c:db:
78:e9:0c:37:a9:78:35:f8:92:34:bc:6d:6e:28:cb:2f:c5:7c:
9b:24:f5:e9:9b:49:eb:52:60:57:0e:60:09:fd:92:2b:d3:c8:
e5:cf:b6:89:02:ef:1b:71:9a:12:f5:5b:1f:4a:dd:70:ce:8f:
a7:5a:4a:26:42:c5:c7:40:61:00:ff:17:2a:3e:92:34:93:e0:
7a:28:da:3d:26:2f:11:38:61:17:1c:28:c2:db:1d:d7:2b:ab:
a4:ba:85:1c:a5:4c:b6:67:b2:5a:f1:ce:a1:ed:72:6c:70:ee:
35:69:dd:96
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAZ3yFErHbRRiOmJ7RKHncg07MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjYwNTA0MDgyMTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTI0NjMyMmVkYTMyNDE0MmNhOGYwNDVlYTMzMDliMTI3Y2RmYmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZmS2cC7IXW1p4P3zQAARITQNevP
VpVSn0CSy9cZWSxgMafFLGTBzV3MEH0rmJz/pvOX48CDrui9iR8fDNHUm3TTJJ9/
chXmy+F1WtvW+aXRc8tGYYwDhJKKp8ETISwnyqPPuuanG+mLLk6hahikKCjnBNXb
U8NAfeyhdPfytNHNKDEwd/xl9x1+N5Z1att7rfydoyDEBVfVEy1EFOWKlUiydv+b
SkM2bZCIFVEYSZ7/kte5PdqTvFkb5BK9zu4PyOvWHFMSWhZh9EJEoTXckWSaEAix
i9ptT3DHnsixcPvlATzhRul75OUHCxAp1dKMfZwc1hFiiQg3EWFJi+4pswIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFIokYyLtoyQULKjwReozCbEnzfvrMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvaWlSakl1MmpKQlFzcVBCRjZqTUpzU2ZOLS1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHWBggrBgEFBQcBBwEB/wSBxjCBwzCBsQQCAAEwgaoDBABQ
DEwDBABQDE8DBAJQDGADBAVQDKAwDAMEB1E0gAMEAVE0jAMEAFE0oDAMAwQBUTSm
AwQBUTSoAwQEUTSwMAwDBABRNMkDBABRNMoDBAJRNOwDBANR/XgDBARaVDADBARa
VIADBABaVJQDBABaVJcDBABaVJ8DBABaVP8wDAMEB8H7gAMEBMH7oAMEAsH73AME
BMH78AMEAMH8cQMEAMH84gMEAcH9njANBAIAAjAHAwUAIAEGiDANBgkqhkiG9w0B
AQsFAAOCAQEAeLpWNZ8XWKp/Lhv2pd3oLByMIsEyi+/r9hgJPVWXjXOTmYyb92kG
VfwPVSi8g9Tz5tORXMnXd8I81bRS5eU+0/pRYF+5YSccjUAelNWjfd09+CiC/Zsb
i/t4bfN8C8foHFrxgoBC21IrmrLMhMc7LY2RzPRuen1jdYzt0hjT9nCFf7X3aNqp
Qf6sYbqfkYzbeOkMN6l4NfiSNLxtbijLL8V8myT16ZtJ61JgVw5gCf2SK9PI5c+2
iQLvG3GaEvVbH0rdcM6Pp1pKJkLFx0BhAP8XKj6SNJPgeijaPSYvEThhFxwowtsd
1yurpLqFHKVMtmeyWvHOoe1ybHDuNWndlg==
-----END CERTIFICATE-----
Generated at Tue May 12 21:48:05 2026 by rpki-client